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IN THE CLAIMS : 

1 (Previously Presented) A method performed by a first server for authenticating a 

user, comprising; 
5 obtaining an asserted identity of said user; 

obtaining a random subset of questions that said user' has previously answered 
with a third party customer verification server that is independent of said first server; and 

presenting one or more questions to said user from said random subset of 
questions until a predefined security threshold is satisfied, wherein said user is authenticated 
1 0 when said predefined security threshold is satisfied 

2. (Original) The method of claim 1, wherein said usei is directed to said customer 

verification server during an enrollment phase. 

15 3 (Original) The method of claim 1, wherein said user verification server instructs 

said user to select and answer' a number of questions that will be used for verification 

4 (Original) The method of claim 3, further comprising the step of storing said 

selected questions at said user's location 

20 

5., (Original) The method of claim 3, further comprising the step of stoting said 

selected questions at said customer verification server 

6 (Original) The method of claim 3, wherein said obtaining step further comprises 

25 the step of receiving an indication of said selected questions from said customer' verification 
server 

7 . (Original) The method of claim 6, wherein said obtaining step further comprises 

the step of obtaining answers from said user 1 for said selected questions. 
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8 . (Original) The method of claim 1, wherein said presenting step is performed by an 

authentication module 

5 9 (Original) The method of claim 8, wherein said authentication module obtains 

answers to said presented questions from said user 

10. (Original) The method of claim 1, wherein said predefined security threshold is 

based on a sum of security weights of correctly answered questions. 

10 

11 (Original) The method of claim 1, wherein one or more of said questions are 
directed to an opinion of said user 

12 (Original) The method of claim 1, wherein one or more of said questions are 
1 5 directed to a trivial fact . 

13, (Original) The method of claim 1, wherein one or more of said questions are 

directed to an indirect fact 

20 14 (Original) The method of claim 1, further comprising the step of presenting said 

user with a larger pool of potential questions for selection of one oi more questions to answer, 

15 (Original) The method of claim 14, further comprising the step of ensuring that 
said questions selected by said user- meet predefined criteria for topic distribution 

25 

16 (Cancelled), 

17 (Cancelled). 
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18, (Original) The method of claim 1, wherein said questions fiom said random 

subset of questions are presented to said user in a random order'. 

19 (Original) The method of claim 1, wherein said questions are presented to said 
5 user in the form of an index identifying each question. 

20 (Original) The method of claim 1, wherein said user responds to said questions by 
returning an index identifying each answer., 

10 21. (Original) The method of claim 20, wherein said index identifying each answer 

can be aggregated to form a password. 

22 (Original) The method of claim 20, wherein a portion of each answer can be 

aggregated to form a password., 

15 

23. (Original) The method of claim 1, further comprising the step of storing an 

indication of said subset of questions on a device or wallet car d or piece of paper associated with 
said user 

20 24 (Pr eviously Presented) An apparatus for' authenticating a user, comprising: 

a memory; and 

at least one processor, coupled to the memory, operative to: 
obtain an asserted identity of said user; 

obtain a random subset of questions that said user has previously answered with a 
25 third party customer verification server that is independent of an entity associated with said 
apparatus; and 

present one or more questions to said user from said random subset of questions 
until a predefined security threshold is satisfied, wherein said user is authenticated when said 
predefined security threshold is satisfied. 
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25 (Original) The apparatus of claim 24, wherein said user is directed to said 

customer verification server during an enrollment phase. 

5 26 (Orrginai) The apparatus of claim 24, wherein said customer verification server 

instructs said user- to select and answer a number of questions that will be used for verification. 

27 (Original) The apparatus of claim 26, wherein said processor is further configured 
to store said selected questions at said user's location 

10 

28 (Original) The apparatus of claim 26, wherein said processor is further configured 
to store said selected questions at said customer verification server. 

29. (Original) The apparatus of claim 26, wherein said obtaining step further 

15 comprises the step of receiving an indication of said selected questions from said customer' 
verification server. 

,30 (Original) The apparatus of claim 24, wherein said presenting step is performed 

by an authentication module. 

20 

31. (Original) The apparatus of claim 24, wher ein said processor is further configured 

to ensure that questions selected by said user meet predefined criteria for topic distribution 

32 (Original) The apparatus of claim 24, wherein said processor is further configured 

25 to ensure that answers to user' selected questions cannot be qualitatively correlated with said user 

33 . (Original) The apparatus of claim 24, wherein said processor is further configur ed 

to ensure that answers to user selected questions cannot be quantitatively correlated with said 
user. 
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34. (Original) The apparatus of claim 24, wherein said questions from said random 

subset of questions ate presented to said user in a random order 

5 35 (Original) The apparatus of claim 24, wherein said questions are presented to said 

user in the form of an index identifying each question 

36 (Original) The apparatus of claim 24, wherein answers to said questions are 
received from said user in the form of an index identifying each answer 

10 

37 (Original) The apparatus of claim 36, wherein said index identifying each answer 
can be aggregated to form a password. 

38. (Original) The apparatus of claim 36, wherein a portion of each answer' can be 

1 5 aggregated to form a passwor d 

39 (Previously Presented) An article of manufacture for authenticating a user by a 

first server, comprising a machine readable medium containing one or 1 more programs which 
when executed implement the steps of: 
20 obtaining an asserted identity of said user; 

obtaining a random subset of questions that said user has previously answered 
with a third party customer verification server that is independent of said first server; and 

presenting one or more questions to said user from said random subset of 
questions until a predefined security threshold is satisfied, wherein said user is authenticated 
25 when said predefined security threshold is satisfied. 
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